REMARKS 



The above amendment is made in response to the Final Office action of July 19, 201 1 . 
The Examiner's reconsideration is respectfully requested in view of the above amendment 
and the following remarks. 

Claims 5-7 have been canceled, without prejudice. Claims 1-4, 9-13, 15 and 17 have 
been amended, and new claims 19-28 have been added. The present amendment introduces 
no new matter, as support is found throughout the originally filed specification and claims. 

Claims 1-4 and 8-18 and new claims 19-28 are pending in the present application upon 
entry of the above amendment. 

Examiner Interview Summary 

Applicant thanks Examiner Khoshnoodi for granting the courtesy of telephone 
interviews on November 29, 201 1, and December 9, 201 1 . In the telephone interviews the 
undersigned attorney for Applicant and the Examiner had a discussion on the amendments to 
the claims proposed by the undersigned. No agreement has been reached during the 
telephone interviews. 

Rejections under 35 U.S.C. 103(a) 

Claims 1-4 and 8-18 stand rejected under 35 U.S.C. 103(a) as being unpatentable over 
a combination of prior art references. Claims 1, 4 and 10-12 stand rejected over Taylor et al., 
U.S. Patent No. 6,278,885 (hereinafter "Taylor") and further in view of Malcolm, U.S. Patent 
No. 7,146,638 (hereinafter "Malcolm"); claims 2, 3, 8 and 9 stand rejected over Taylor and 
Malcolm as applied to claims 1 and 4 and further in view of Yadav, U.S. Patent Publication 
No. 2003/0149887 (hereinafter "Yadav"); and claims 13-18 stand rejected over Taylor, 
Malcolm and further in view of Kokado, U.S. Pub. No. 2003/01 15327 (hereinafter 
"Kokado"). 

In the rejections of independent claims 1, 4 and 10, the Examiner has stated that 
Taylor teaches all the elements of the independent claims, except for the 'internal permitted 
program storage' of the claimed invention which the Examiner has further stated is taught by 
Malcolm. Applicant respectfully traverses the rejections, especially, in view of the above 
amended claims. 
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Applicant has amended independent claims 1, 4 and 10 to further clarify the subject 
matters of the claimed invention and include limitations distinct over the cited references in 
consideration of the Examiner's comments in the telephone interviews. Amended claims 1, 4 
and 10 are as follows: 

1. A network security system controlling inbound traffic by using a 
firewall, the firewall protecting a corresponding network connection of a computer 
to a network by setting restrictions on information communicated between 
networks, comprising: 

a port monitoring unit extracting information about a server port, wherein 
the server port is designated as a port of a network communication program; 

an internal permitted program storage storing a list of programs permitted 
by the firewall, wherein the internal permitted program storage adds a program to 
the list by extracting information about the program for which communication is to 
be permitted by the firewall; and 

a firewall flexible device determining whether the network communication 
program is registered in the list of programs stored in the internal permitted program 
storage; 

wherein the firewall flexible device automatically storing the extracted 
information about the server port in an internal permitted port storage if the network 
communication program is registered in the list of programs stored in the internal 
permitted program storage;.and 

wherein the firewall flexible device further determines whether a port of a 
packet of inbound traffic matches with the server port and blocks the packet of 
inbound traffic if the port does not match with the server port. 

[emphasis added] 

4. A network security method controlling inbound traffic by using a 
firewall, the firewall protecting a corresponding network connection of a computer 
to a network by setting restrictions on information communicated between 
networks, comprising: 

storing in an internal permitted program storage a list of programs permitted 
by the firewall; 

extracting information about a server port, wherein the server port is 
designated as a port of a network communication program; 

determining whether the network communication program is registered in 
the list of programs stored in the internal permitted program storage; 

automatically storing the extracted information about the server port in an 
internal permitted port storage if the network communication program is registered 
in the list of programs stored in the internal permitted program storage; 

determining whether a port of a packet of inbound traffic matches with the 
server port; and 
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blocking the packet of inbound traffic if the port does not match with the 
server port. 

[emphasis added] 

10. A computer recordable device for performing a network security method 
controlling inbound traffic by using a firewall, the device storing a program for 
executing the method, the method comprising: 

storing in an internal permitted program storage a list of programs permitted 
by the firewall; 

extracting information about a server port, wherein the server port is 
designated as a port of a network communication program; 

determining whether the network communication program is registered in 
the list of programs stored in the internal permitted program storage; 

automatically storing the extracted information about the server port in an 
internal permitted port storage if the network communication program is registered 
in the list of programs stored in the internal permitted program storage; 

determining whether a port of a packet of inbound traffic matches with the 
server port; and 

blocking the packet of inbound traffic if the port does not match with the 
server port. 

[emphasis added] 

A network security system of the claimed invention is controlling inbound traffic by 
using a firewall where a server port is designated as a port of a network communication 
program , the information of the server port is automatically stored in an internal port storage 
if the network communication program is registered in an internal program storage, and the 
inbound traffic is blocked if a port of the inbound traffic does not match with the server port. 
In particular, the firewall of the network security system of the claimed invention operates 
with respect to the inbound traffic to control the pass or block of a packet of the inbound 
traffic. In order to do that, the network security system obtains the information of a server 
port which is designated as a port of a network communication program (i.e., a program for 
which communication to be permitted by the firewall). Once the network communication 
program is determined to be registered in an internal program storage (i.e., a storage storing a 
list of programs permitted by the firewall), the information of the server port is automatically 
stored in an internal port storage. The inbound traffic may be passed or blocked based on 
determination of whether a port of a packet of the inbound traffic matches or does not match 
with the server port. 
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In contrast, although Taylor and Malcolm disclose obtaining information of a port for 
their firewall function, the information is obtained about a port associated with a packet of a 
communication message , which is not comparable with the server port designated as a port of 
a program for which communication to be permitted by the firewall as required in the claimed 
invention. In Taylor and Malcolm, the firewall functions based on the determination whether 
the information of a port of the packet matches with registered data (in Taylor) or access rules 
(in Malcolm) which are manually configured by a system administrator (in Taylor) or a user 
(in Malcolm) . Applicant submits that Taylor and Malcolm lack teaching or suggestion of 
obtaining information about a server port that is designated as a port of a network 
communication program , and automatically storing the information of the server port if the 
network communication program is registered in a permitted program storage , as recited in 
claims 1, 4 and 10. 

Assuming that the obtaining information of a port of a packet in Taylor and Malcolm 
would be relating to the determining match of a port of a packet in the claimed invention, the 
port of a packet in Taylor and Malcolm are not comparable with and teaches away from the 
sever port of the claimed invention. There is no teaching or suggestion in Taylor and 
Malcolm, either alone or in combination, of the server port designated as a port of a network 
communication program and obtaining and automatically storing the information thereof, as 
recited in claims 1, 4 and 10. 

Thus, it is believed that claims 1, 4 and 10 are patentably distinct and non-obvious in 
view of Taylor and Malcolm, either alone or in combination. 

Dependent claims 2, 3, 8, 9 and 1 1-18 depend from one of the independent claims, and 
thus include the limitations of the corresponding independent claim. Thus, Taylor and 
Malcolm, either alone or in combination, fail to render obvious the subject matter of the 
dependent claims. The Examiner has relied on Yadav and Kokado to make up for the 
deficiencies of Taylor and Malcolm. Applicant submits that there is no teaching or suggestion 
either in Yadav and Kokado of anything about the above mentioned features of the claimed 
invention. 

Thus, dependent claims 2, 3, 8, 9 and 1 1-18 are believed to be allowable for at least 
the reasons given to independent claims 1, 4 and 10. 
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Accordingly, Applicant respectfully request Examiner's reconsideration and 
withdrawal of the rejections on claims 1-4 and 8-18. 

New Claims 

Applicant has also added new claims 19-28 which include no new matter and are fully 
supported by the specification and the drawings of the present application. The new claims 
further define the distinct subject matters of the present invention. The new claims have been 
carefully written to avoid any questions under 35 U.S.C. § 1 12. 

Accordingly, it is believed that the new claims are in condition for allowance. 

Conclusion 

In view of the foregoing, it is respectfully submitted that the present application is in 
condition for allowance. Accordingly, it is respectfully requested that this application be 
allowed and a Notice of Allowance issued. If the Examiner believes that a telephone 
conference with Applicant's attorneys would be advantageous to the disposition of this case, 
the Examiner is cordially requested to telephone the undersigned. 

In the event the Commissioner of Patents and Trademarks deems additional fees to be 
due in connection with this application, Applicant's attorney hereby authorizes that such fee 
be charged to Deposit Account No. 50-5622. 

Respectfully submitted, 

Date: December 19,2011 By: /Jae Y. Park/ 

JAE Y. PARK 
Reg. No.: 62,629 
Attorney for applicant 

Kile Park Goekjian Reed & McManus PLLC 
1200 New Hampshire Avenue NW, Suite 570 
Washington, DC 20036 
Tel. No.: 202-263-0809 
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